How to configure Nethserver for WSUS?

v7

(Federico Ballarini) #1

NethServer Version: 7
Module: Firewall and Proxy

Can I redirect all windows update traffic to wsus server in my net? Anyone has got experience of this?
In my net I have 250 pc and I can’t configure each one to download update from wsus server…


(James Nesbitt) #2

In a normal Windows AD scenario where the Windows Workstations have joined the AD, one would configure it using Group Policies.

You can still create a Group Policy and use something like RSAT potentially (I haven’t looked too much into it), you may need to use Active Directory as the Accounts Provider.

http://community.nethserver.org/search?q=group%20policy may help give some guidance.


(Federico Ballarini) #3

I’m the network manager since march and the pc are not in AD because before they didn’t think at this… but every time that there is an update they are blocked…


(James Nesbitt) #4

With 250 workstations, I would strongly recommend setting up a GPO and applying that somehow to each of the workstations.

The GPO could potentially deployed via user scripts (managed by Nethserver user management) - haven’t read up on this myself, but it should be possible.

Some of the benefits of this will be:

  • Centralized Windows Updates with WSUS (less chance of a workstation not getting patched)
  • A standard template or templates of settings for the different groups or departments (easier troubleshooting as each workstation config will be standardized (in theory - in practice there will be instances of config drift).

(James Nesbitt) #5

Someone has just made a posting here which I think will be a real good place to start looking.


WSUS ON NethServer
(Federico Ballarini) #6

Ok, thanks… i will put all the pc in an AD domain.


(Rob Bosch) #7

I was looking if NethServer could be used as a host for Windows patches. I found this article in German: https://www.tecchannel.de/a/wsus-offline-update-windows-pcs-bequem-updaten,3289806 (or in English)

There is also a commercial product called nitrobit update server, but that seems not in active development (last version is for centos 5, so about 5-6 years old)


WSUS ON NethServer